POST /platform/v1/ens-verify

Verifies a callback so that it can receive notifications.

JSON Parameters 
NameTypeDescription
callbackIdstringRequired. A unique identifier of the callback.
verificationKeystringRequired. A unique, single-use verification code for the callback. This value is returned as a response to a creation request.

Usage 

The Event Notification Service requires a two-step verification process for registering a callback. Two-step verification ensures that the stream of event notifications can’t be used to attack an external URL endpoint. To achieve this security, the URL endpoint must have a critical role in the verification process. Therefore, it’s the only receiver of the single-use verification key needed to complete callback verification.

In callback verification, a unique, single-use verification key is generated when you create a callback and is sent to the callback URL that you registered using the create callback route. The payload that is posted to the callback URL is the same payload used to call the verify callback route.

{
  "callbackId": "CALLBACK_ID_STRING",
  "verificationKey": "VERIFICATION_KEY_STRING"
}

The URL endpoint must capture verification details, including the verification key, and immediately return them by calling the verify callback route. Alternatively, you can capture the verification details so that developers can manually call the verify callback route.

To log the verification details in a request that uses manual verification, use this code in your callback implementation.

JSONObject req = new JSONObject(<httprequest>);

if (req.getString("verificationKey") != null) {
   // Return HTTP 200 code
  System.out.println("Verification details: " + <httprequest>);
} else {
   // Insert notification processing code here.
}

To manually verify the callback, use the logged verification details to invoke the verify callback route.

curl -X POST \
 https://YOUR_SUBDOMAIN.rest.marketingcloudapis.com/platform/v1/ens-verify \
 -H 'Authorization: Bearer BEARER_TOKEN' \
 -H 'Content-Type: application/json' \
 -d '{
   "callbackId": "<callbackIDString>",
   "verificationKey": "<verificationKeyString>"
}'

Ensure that your callback completes verification within four hours.

Example Request 

 
Host: https://YOUR_SUBDOMAIN.rest.marketingcloudapis.com
POST /platform/v1/ens-verify
Content-Type: application/json
Authorization: Bearer YOUR_ACCESS_TOKEN

{
  "callbackId": "65b885ab-c2b4-46fe-85d0-d6cb8be8057d",
  "verificationKey": "CZwJw4XATH6LK1fPWFeMDkIyVbro6T3ijXK8CrzQe2s="
}

HTTP Responses 
ResponseReason
200 OKThe callback was verified.
400 Bad RequestThe server was unable to process the request.
403 ForbiddenThe server was unable to authorize the request.
404 Not FoundIncorrect callback ID, verification key, or both.
500 Server ErrorAn internal error occurred.

Clouds with binary code floating aboveCloud with binary code floating above

No Results

Search Tips:

  • Please consider misspellings
  • Try different search keywords
Summary
Address
Approvals
Assets
Audits
Auth
Automation Studio
Bulk Data Ingest
Campaigns
Chat Messaging
Contacts
Custom Objects
Data Extension Data
Data Extension Imports
Data Extension Rows (Asynchronous)
Data Extension Rows (Synchronous)
Domain Verification
Event Notification
Create Callback
Verify Callback
Get Callback
Update Callback
Delete Callback
Get All Callbacks
Create Subscription
Delete Subscription
Get Subscription
Get All Subscriptions for a Callback
Update Subscription
Regenerate Signature Key
File Transfer Locations
Journeys and Events
Messaging
Nested Tags
Platform
Push
Security
Seed List
SMS
Transactional Messaging - Email
Transactional Messaging - Push
Transactional Messaging - OTT
Transactional Messaging - SMS
Workflow Teams
REST API Permission IDs and Scopes